commit 02127ab02245936cb4869d8e2ed3b3fc378ef32b
author David Horstmann <david.horstmann@arm.com> Fri Jun 02 14:50:35 2023 +0100
committer David Horstmann <david.horstmann@arm.com> Fri Jun 02 15:51:17 2023 +0100
tree 47f0f35af0e955eb64349774640fbaea259cb1c8
parent bf95e9a0584c54bf7535c76608de31b0e52d29b2

Allow subidentifiers of size UINT_MAX

Make overflow check more accurate and add testcases

Signed-off-by: David Horstmann <david.horstmann@arm.com>

library/oid.c

diff --git a/library/oid.c b/library/oid.c
index 02e4136..b13c76b 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -1012,7 +1012,7 @@
         }
     }
 
-    if ((UINT_MAX - component2) <= (component1 * 40)) {
+    if (component2 > (UINT_MAX - (component1 * 40))) {
         ret = MBEDTLS_ERR_ASN1_INVALID_DATA;
         goto error;
     }

tests/suites/test_suite_oid.data

diff --git a/tests/suites/test_suite_oid.data b/tests/suites/test_suite_oid.data
index c5f1317..1435507 100644
--- a/tests/suites/test_suite_oid.data
+++ b/tests/suites/test_suite_oid.data
@@ -161,3 +161,9 @@
 
 OID from numeric string - OID greater than max length (129 components)
 oid_from_numeric_string:"1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1.2.3.4.5.6.7.8.1":MBEDTLS_ERR_ASN1_INVALID_DATA:""
+
+OID from numeric string - OID with maximum subidentifier
+oid_from_numeric_string:"2.4294967215":0:"8FFFFFFF7F"
+
+OID from numeric string - OID with overflowing subidentifier
+oid_from_numeric_string:"2.4294967216":MBEDTLS_ERR_ASN1_INVALID_DATA:""